Metasploit mailing list archives
Re: framework Digest, Vol 28, Issue 38
From: John Biondolillo <johnb.electric () gmail com>
Date: Mon, 31 May 2010 05:54:59 -0400
Well they do provide some payload asm source in the /msf/external/source/shellcode/ (i think this is the dir), but I can't seem to find dl_exec asm only the hexcodes in the payload ruby file. And I'm not having the best luck converting back to asm or disassembling the binary on windows with ida and olly, based on a suggestion I'm gonna try to use ndisasm on linux On Mon, May 31, 2010 at 3:53 AM, Sachin Shinde <sachinshinde11 () gmail com>wrote:
1. I can't find the asm source for download_exec, since its a simplepayload its the next one I want to do, theres a million examples online but the one in the framework seems to be very reliable.Can anyone point me in the right direction to find it. All payloads are "hardcoded" .no asm source only hexcodes.(am I right ?) On Mon, May 31, 2010 at 12:30 AM, <framework-request () spool metasploit com> wrote:Send framework mailing list submissions to framework () spool metasploit com To subscribe or unsubscribe via the World Wide Web, visit https://mail.metasploit.com/mailman/listinfo/framework or, via email, send a message with subject or body 'help' to framework-request () spool metasploit com You can reach the person managing the list at framework-owner () spool metasploit com When replying, please edit your Subject line so it is more specific than "Re: Contents of framework digest..." Today's Topics: 1. Dynamic creation of payload executables with metasm (John Biondolillo) ---------------------------------------------------------------------- Message: 1 Date: Sun, 30 May 2010 14:33:27 -0400 From: John Biondolillo <johnb.electric () gmail com> To: framework () spool metasploit com Subject: [framework] Dynamic creation of payload executables with metasm Message-ID: <AANLkTimEHGQf1xCAe2J6K5Rtt1K48FNd-yoPmbiQ2m6v () mail gmail com> Content-Type: text/plain; charset="iso-8859-1" I know this is in the works but since I'm impatient I started working onitmy self. I've got a basic payload that just displays a message box withusersupplied data, its portable code so it can be used from Windows 2000 - Windows 7, but I'm new to assembly so there is no polymorphism meaning if you create two payloads with the same input they'd be identical I'mguessingthis is were the encoders come in. I have two questions: 1. I can't find the asm source for download_exec, since its a simple payload its the next one I want to do, theres a million examples onlinebutthe one in the framework seems to be very reliable.Can anyone point me in the right direction to find it. 2. Whats this best way to make each payload unique, adding junk code,randomcharacters were able in the header, or just try to use one of the encoder stubs? Thanks John -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://mail.metasploit.com/pipermail/framework/attachments/20100530/8e6f54db/attachment-0001.html------------------------------ _______________________________________________ framework mailing list framework () spool metasploit com https://mail.metasploit.com/mailman/listinfo/framework End of framework Digest, Vol 28, Issue 38 *****************************************_______________________________________________ https://mail.metasploit.com/mailman/listinfo/framework
_______________________________________________ https://mail.metasploit.com/mailman/listinfo/framework
Current thread:
- Re: framework Digest, Vol 28, Issue 38 Sachin Shinde (May 31)
- Re: framework Digest, Vol 28, Issue 38 John Biondolillo (May 31)